Migrating a virtual machine over a dedicated additional network

You can configure a dedicated Multus network for live migration. A dedicated network minimizes the effects of network saturation on tenant workloads during live migration.

Configuring a dedicated secondary network for virtual machine live migration

To configure a dedicated secondary network for live migration, you must first create a bridge network attachment definition for the openshift-cnv namespace by using the CLI. Then, add the name of the NetworkAttachmentDefinition object to the HyperConverged custom resource (CR).

Prerequisites

  • You installed the OpenShift CLI (oc).

  • You logged in to the cluster as a user with the cluster-admin role.

  • The Multus Container Network Interface (CNI) plugin is installed on the cluster.

  • Every node on the cluster has at least two Network Interface Cards (NICs), and the NICs to be used for live migration are connected to the same VLAN.

  • The virtual machine (VM) is running with the LiveMigrate eviction strategy.

Procedure

  1. Create a NetworkAttachmentDefinition manifest.

    Example configuration file

    1. apiVersion: "k8s.cni.cncf.io/v1"
    2. kind: NetworkAttachmentDefinition
    3. metadata:
    4.   name: my-secondary-network (1)
    5.   namespace: openshift-cnv (2)
    6. spec:
    7.   config: '{
    8.     "cniVersion": "0.3.1",
    9.     "name": "migration-bridge",
    10.     "type": "macvlan",
    11.     "master": "eth1", (3)
    12.     "mode": "bridge",
    13.     "ipam": {
    14.       "type": "whereabouts", (4)
    15.       "range": "10.200.5.0/24" (5)
    16.     }
    17.   }'
    1The name of the NetworkAttachmentDefinition object.
    2The namespace where the NetworkAttachmentDefinition object resides. This must be openshift-cnv.
    3The name of the NIC to be used for live migration.
    4The name of the CNI plugin that provides the network for this network attachment definition.
    5The IP address range for the secondary network. This range must not have any overlap with the IP addresses of the main network.

  2. Open the HyperConverged CR in your default editor by running the following command:

    1. oc edit hyperconverged kubevirt-hyperconverged -n openshift-cnv

  3. Add the name of the NetworkAttachmentDefinition object to the spec.liveMigrationConfig stanza of the HyperConverged CR. For example:

    Example configuration file

    1. apiVersion: hco.kubevirt.io/v1beta1
    2. kind: HyperConverged
    3. metadata:
    4.   name: kubevirt-hyperconverged
    5. spec:
    6.   liveMigrationConfig:
    7.     completionTimeoutPerGiB: 800
    8.     network: my-secondary-network  (1)
    9.     parallelMigrationsPerCluster: 5
    10.     parallelOutboundMigrationsPerNode: 2
    11.     progressTimeout: 150
    12. # ...
    1The name of the Multus NetworkAttachmentDefinition object to be used for live migrations.

  4. Save your changes and exit the editor. The virt-handler pods restart and connect to the secondary network.

Verification

  • When the node that the virtual machine runs on is placed into maintenance mode, the VM automatically migrates to another node in the cluster. You can verify that the migration occurred over the secondary network and not the default pod network by checking the target IP address in the virtual machine instance (VMI) metadata.

    1. oc get vmi <vmi_name> -o jsonpath='{.status.migrationState.targetNodeAddress}'

Selecting a dedicated network by using the web console

You can select a dedicated network for live migration by using the OKD web console.

Prerequisites

  • You configured a Multus network for live migration.

Procedure

  1. Navigate to Virtualization > Overview in the OKD web console.

  2. Click the Settings tab and then click Live migration.

  3. Select the network from the Live migration network list.

Additional resources